In this page it is possible to download some articles and presentations by Cesare Gallotti. Here, only work not in Italian are listed. Logos and references of companies, where originally included, have been deleted from presentations.
Essays in Italian can be checked on Pubblicazioni page.
The book “Information security – Risk assessment and management” is in Italian and can be obtained only in bookstores or e-commerce websites.
- My notes on NIS2 (pdf, 561 KB). It is all that I know about it (and it is not a lot).
- VERA archive on GitHub, with the last releases of VERA and its manual in Italian and English. VERA is my Excel file for the information security (and other) risk assessment.
- VERA in English (xlsx, 225 KB), my Excel for the information security risk assessment.
- VERA 6 in Italian (Excel, 271 KB) and English (Excel, 196 KB) : my spreadsheet for the information security risk assessment with the 2013 and 2022 editions of the ISO/IEC 27001 controls (with cross-reference).
- VERA 5.0 in English, with ISO/IEC 27701 controls (xlsx, 181KB).
- VERA 4.4 for privacy (based on ISO/IEC 29151) and ISO/IEC 27001 in English: this version, an extension of VERA 4.4, may be used for privacy and information security(xlsx, 162KB).
- VERA 4.4 in English: the new version of my free information security risk assessment spreadsheet, with many corrections from the previous English one(xlsx, 127KB).
- VERA 4.0: the new version of my Very Easy Risk Assessment sheet, with ISO/IEC 27001:2013 security controls, english and italian text and new mistakes (any help will be appreciated) (xls, 200KB).
- “Appréciation conjointe ISO 27001 et ISO 20000-1”, presentation for Club 27001 in Paris (www.club-27001.fr); (pdf, 700KB).
- “Vera” (Very Easy Risk Assessment), (xls, english, 111 KB).
VERA is a simple and effective methodology for the information security risk assessment. The spreadsheet includes instructions and formulas for the risk level calculation and templates for the risk treatment plan and risk acceptance statement.